raindoll

Crypto

As threat actors become more sophisticated, they realize that rolling their own crypto is neither efficient nor effective. They will start to consider using well-known cryptographic algorithms that have been well tested and proven hard to break. Of course, key management then becomes ... key ... to maintaining operational security.

The pcap in this challenge comes from a trojan that encrypts some of its communications, including the files that it exfiltrates to the C2 server. You won't be able to crack the crypto, even if you have a supercomputer. But maybe you won't have to...

Extract the necessary data from the pcap and decrypt the encrypted message, which includes the flag.
